The Devil Does Not Exist - The Role of Deception in Cyber

Presented at Black Hat USA 2014, Aug. 7, 2014, 2:15 p.m. (60 minutes)

While it might be convenient to think of cyberadversaries as ones and zeros, the reality is that systems are attacked and defended by human beings. As a result, it is important to understand the role deception plays in network operations. This presentation draws upon traditional and emerging research on deception and associated game theories to help the audience understand how attackers might deceive them, how to recognize that deception, and how defenders can also deceive their attackers.


Presenters:

  • Matt Devost - FusionX, LLC
    Matt Devost is a technologist, entrepreneur, and international security expert specializing in counterterrorism, critical infrastructure protection, intelligence, risk management, and cybersecurity issues. Currently, Mr. Devost is President & CEO of FusionX, LLC, a cybersecurity consultancy that helps international corporations identify and manage dynamic threats in complex operational environments. Additionally, Mr. Devost has been an Adjunct Professor at Georgetown University since 2002 where he teaches a graduate course on Information Warfare and Security, and is a Founding Director of the Cyberconflict Studies Association. Mr. Devost founded the Terrorism Research Center, Inc. (TRC) in 1996, where he served as President and CEO until November 2008. As Founder and President, Mr. Devost oversaw all research, analysis, intelligence, assessment, and training programs. Previously, Mr. Devost held leadership positions at iSIGHT Partners, Technical Defense, Security Design International, iDEFENSE and SAIC. Mr. Devost has been a speaker at hundreds of international conferences and a contributor/author to several books on terrorism and information security.
  • Mark Mateski - Red Team Journal
    As both an analyst and a manager at a number of defense and security organizations, Mark has directed wargames, conferences, studies, and assessments covering a range of topics. For well over a decade he has been a thought leader in the red teaming community and has pioneered the application of systems engineering principles, techniques, and tools to the practice of red teaming. In 1997, he founded Red Team Journal, a site designed to further the practice of red teaming and alternative analysis. Mateski has earned degrees in political science, national security studies, and systems engineering. He is currently an executive security and strategy consultant and teaches eight different graduate courses for the Department of Engineering Management and Systems Engineering (EMSE) at The George Washington University.

Links:

Similar Presentations: